SEC Launches Cryptocurrency Probe
Robert Cohen, head of the SEC’s cyberenforcement unit, last week said at least a dozen companies have put their offerings on hold after the agency raised questions. Many of the cryptocurrency-related subpoenas were issued in recent weeks, likely paving the way for what lawyers and industry insiders expect to be a dramatic upturn in enforcement activity.
https://www.wsj.com/articles/sec-launches-cryptocurrency-probe-1519856266

Training insurance agents and brokers in cyber risk
The exposure to risk may be compounded as a result of a recent decision by the U.S. Supreme Court to deny CareFirst a hearing on future harm being a new standard for having standing in a federal civil case. On Tuesday, February 20th, 2017, the Supreme Court “denied certiorari” in the CareFirst vs. Attias case. What this means in layman’s terms is that when a cyber breach of personally identifiable information (PII) occurs, the “harm” no longer has to be proven to have occurred.
https://www.csoonline.com/article/3258801/data-protection/training-agents-and-brokers-in-cyber-risk.html

Swinging the Cybersecurity Pendulum: Can New Strategies “Reverse the Curse?”
So what are some ways in which CISOs and other healthcare security leaders are working to fight off cyber attackers and better protect their data? None of the experts who Healthcare Informatics interviewed for this piece believe in any “magic bullet” approach, but more frequently now, leading minds are pointing to a few specific areas in which organizations can improve their strategies—namely, monitoring users’ behaviors and leveraging identity and access management (IAM) protocols.
https://www.healthcare-informatics.com/article/cybersecurity/swinging-cybersecurity-pendulum-can-new-strategies-reverse-curse

AEHIS asks OIG to exempt cybersecurity donations between healthcare providers from fraud enforcement
“We strongly believe an exemption to the antikickback statute that permits for donations of services that further an entity’s cyber posture is warranted,” AEHIS Board Chair Erik Decker, who serves as chief information security officer at the University of Chicago Medicine, wrote in the request (PDF). “We recognize there may be limitations around how such an exemption is crafted; however, if it followed many of the requirements that the OIG laid out around the exceptions permitted for donating an electronic health record (EHR), this would be helpful.”
https://www.fiercehealthcare.com/tech/aehis-oig-cybersecurity-donations-fraud

Trickle-Down Cyberwarfare Is Harming Just About Every Industry
The document, “2018 Global Threat Report: Blurring the Lines Between Statecraft and Tradecraft,” was published this week. Scouring threat data from CrowdStrike’s experts and monitoring tools, including a cloud-based graph database that processes “nearly 100 billion events a day across 176 countries,” the report outlines cybercrime trends, adversary targeting, and related metrics. But the analysts spill much ink on the rise of cyberwarfare and its collateral—or intentional—damage.
http://www.hcanews.com/news/trickledown-cyberwarfare-is-harming-just-about-every-industry

Cyber-security: A necessary component of railway businesses in the digital age
The downside of equipping the railways for the modern age is the associated threats that accompany the adoption of new technology – threats that have thus far eluded them. The threat landscape and the attack surface of railways are naturally increasing as the boundaries between the various actors and different sections of railway businesses are becoming increasingly integrated.
https://www.globalrailwayreview.com/article/66228/cybersecurity-railway-digital-age/

Understanding Data Breaches as National Security Threats
Russian operatives purchased stolen U.S. identities, which they used to open U.S. bank and PayPal accounts and to buy access on U.S.-based servers; they then purchased Facebook ads and “buttons, flags, and banners” for political rallies. Employing VPNs to disguise that they were connecting to these U.S.-based servers from Russia, the agents posed as Americans on social media accounts. Consider U.S. privacy protections in light of this statement from the indictment: “Defendants also used the stolen identities of real U.S. persons to post on [Internet Research Agency]-controlled social media accounts.
https://www.lawfareblog.com/understanding-data-breaches-national-security-threats

Rogers: US cyber defenses ‘not optimized for speed’
“Right now, the time it takes to deploy capability, the time it takes to coordinate a response across multiple organizations — when those well-meaning and hard-working organizations exist in separate structures — that’s not optimized for speed. So to me, the biggest challenge is how to integrate this more at an execution level. There’s an ongoing dialogue about what’s the right way ahead, and there’s no lack of opinions on this topic.”
https://federalnewsradio.com/defense-main/2018/02/rogers-u-s-cyber-defenses-not-optimized-for-speed/

Russia behind compromise of seven states’ voter registration systems
While at least two of the states compromised – Wisconsin and Florida – voted for Trump by slim margins, one and 1.2 percent, respectively, NBC News cited three intelligence officials as saying that no votes had been altered nor had anyone been deleted from voter rolls. The other states affected were California, Arizona, Illinois, Alaska and Texas. Obama had ordered the top secret report as his administration drew to a close.
https://www.scmagazine.com/russia-behind-compromise-of-seven-states-voter-registration-systems/article/747250/

Russia is going rogue; the US must contain it
Although special counsel Robert Mueller has avoided implicating the Russian government, the Internet Research Agency obviously works for it. This must have consequences for U.S. policy on Russia. Under President Vladimir Putin, the Russian Federation has abandoned the framework of international law that was established with the foundation of the United Nations and elaborated upon in the Helsinki Final Act of 1975.
http://thehill.com/opinion/national-security/375885-russia-is-going-rogue-the-us-must-contain-it

Another massive DDoS internet blackout could be coming your way
While older, more established companies are still more likely to host their own DNS, the emergence of cloud as infrastructure means that newer companies are outsourcing everything to the cloud, including DNS. “The concentration of DNS services into a small number of hands…exposes single points of failure that weren’t present under the more distributed DNS paradigm of yesteryear[.] “The Dyn attack offers a perfect illustration of this concentration of risk–a single DDoS attack brought down a significant fraction of the internet by targeting a provider used by dozens of high profile websites and CDNs [content delivery networks].”
https://www.csoonline.com/article/3258545/cyber-attacks-espionage/another-massive-ddos-internet-blackout-could-be-coming-your-way.html

Defying Pai’s FCC, Washington state passes law protecting net neutrality
The bill comes in response to the Federal Communications Commission decision in December 2017 to scrap federal net neutrality rules. The state bill still needs the signature of Governor Jay Inslee, who previously pledged to enforce net neutrality “under our own authority and under our own laws,” calling it “a free speech issue as well as a business development issue.” Washington is apparently the first state whose legislature has passed a law that imposes net neutrality rules on all ISPs.
https://arstechnica.com/tech-policy/2018/02/fccs-attempt-to-kill-net-neutrality-challenged-by-new-washington-state-law/

Intel Releases Updated Spectre Fixes For Broadwell and Haswell Chips
According to Intel documents, an array of its older processors, including the Broadwell Xeon E3, Broadwell U/Y, Haswell H,S and Haswell Xeon E3 platforms, have now been fixed and are available to hardware partners. The company’s new microcode updates come a week after Intel also issued updates for its newer chip platforms like Kaby Lake, Coffee Lake and Skylake.
https://threatpost.com/intel-releases-updated-spectre-fixes-for-broadwell-and-haswell-chips/130144/

Misconfigured Memcached Servers Abused to Amplify DDoS Attacks
Cybercriminals behind distributed denial of service attacks have added a new and highly effective technique to their arsenal to amplify attacks by as much as 51,200x by using misconfigured memcached servers accessible via the public internet. The technique was reported by Akamai, Arbor Networks and Cloudflare on Tuesday. All said they have observed an uptick in DDoS attacks using User Datagram Protocol (UDP) packets amplified by memcached servers over the past two days.
https://threatpost.com/misconfigured-memcached-servers-abused-to-amplify-ddos-attacks/130150/

‘First true’ native IPv6 DDoS attack spotted in wild
Barrett Lyon, head of research and development, Neustar, told SC Media UK: “We’ve been expecting this event for a while, but it has now happened. We’ve also seen a real ramping up of IPV4 attacks this year too – nearly double compared to the same period in 2017 – but IPV6 attacks present some unique issues that can’t be easily solved. One example is the sheer number of addresses available to an attacker can exhaust the memory of modern security appliances…”
https://www.scmagazineuk.com/first-true-native-ipv6-ddos-attack-spotted-in-wild/article/747217/

Got that itchy GandCrab feeling? Ransomware decryptor offers relief
The newly developed (free) antidote works for all known versions of the ransomware. The nasty encrypts personal data on victims’ machines. Security firm Bitdefender developed the GandCrab ransomware decryption tool in collaboration with Europol and Romanian Police. The effort is the latest under the No More Ransom project.
https://www.theregister.co.uk/2018/02/28/gandcrab_decryptor/

About Critical Informatics

We are world-class information security professionals providing Managed Detection and Response services to help you be secure, compliant, and resilient against threats to the life safety, life-sustaining, and quality-of-life systems and services you provide to clients, customers, constituents, and communities.